Athanasios Andreou
ABSTRACT
Individuals sharing data on today's social computing systems face privacy losses due to information disclosure that go much beyond the data they directly share. Indeed, it was shown that it is possible to infer additional information about a user from data shared by other users--- this type of information disclosure is called attribute disclosure. Such studies, however, were limited to a single social computing system. In reality, users have identities across several social computing systems and reveal different aspects of their lives in each. This enlarges considerably the scope of information disclosure, but also complicates its analysis. Indeed, when considering multiple social computing systems, information disclosure can be of two types: attribute disclosure or identity disclosure--- which relates to the risk of pinpointing, for a given identity in a social computing system, the identity of the same individual in another social computing system. This raises the key question: how do these two privacy risks relate to each other?
In this paper, we perform the first combined study of attribute and identity disclosure risks across multiple social computing systems. We first propose a framework to quantify these risks. Our empirical evaluation on a real-world dataset from Facebook and Twitter then shows that, in some regime, there is a tradeoff between the two information disclosure risks, that is, users with a lower identity disclosure risk suffer a higher attribute disclosure risk. We investigate in depth the different parameters that impact this tradeoff.
- L. Backstrom, E. Sun, and C. Marlow, "Find me if you can: improving geographical prediction with social and spatial proximity," in WWW, 2010.Google Scholar
- E. Zheleva and L. Getoor, "To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles," in WWW, 2009.Google Scholar
- A. Mislove, B. Viswanath, K. P. Gummadi, and P. Druschel, "You are who you know: inferring user profiles in online social networks," in WSDM, 2010.Google Scholar
- J. Chang, I. Rosenn, L. Backstrom, and C. Marlow, "epluribus: Ethnicity on social networks." in ICWSM, 2010.Google Scholar
- M. Motoyama and G. Varghese, "I seek you: searching and matching individuals in social networks," in WIDM, 2009.Google Scholar
- D. Perito, C. Castelluccia, M. Ali Kâafar, and P. Manils, "How unique and traceable are usernames?" in PETS, 2011.Google Scholar
- A. Malhotra, L. Totti, W. Meira, P. Kumaraguru, and V. Almeida, "Studying user footprints in different online social networks," in CSOSN, 2012.Google Scholar
- P. K. Paridhi Jain and A. Joshi, "@i seek 'fb.me': Identifying users across multiple online social networks," in WoLE, 2013.Google Scholar
- A. Acquisti, R. Gross, and F. Stutzman, "Faces of facebook: Privacy in the age of augmented reality," in BlackHat, 2011.Google Scholar
- G.-w. You, S.-w. Hwang, Z. Nie, and J.-R. Wen, "Socialsearch: enhancing entity search with social network matching," in EDBT/ICDT, 2011.Google Scholar
- J. Vosecky, D. Hong, and V. Shen, "User identification across multiple social networks," in NDT, 2009.Google Scholar
- E. Raad, R. Chbeir, and A. Dipanda, "User profile matching in social networks," in NBiS, 2010.Google Scholar
- C. T. Northern and M. L. Nelson, "An unsupervised approach to discovering and disambiguating social media profiles," in MDSW, 2011.Google Scholar
- O. Peled, M. Fire, L. Rokach, and Y. Elovici, "Entity matching in online social networks." in SocialCom, 2013.Google Scholar
- J. Liu, F. Zhang, X. Song, Y.-I. Song, C.-Y. Lin, and H.-W. Hon, "What's in a name?: An unsupervised approach to link users across communities," in WSDM, 2013.Google Scholar
- R. Zafarani and H. Liu, "Connecting users across social media sites: A behavioral-modeling approach," in KDD, 2013.Google Scholar
- R. Zafarani and H. Liu, "Connecting corresponding identities across communities," in ICWSM, 2009.Google Scholar
- S. Labitzke, I. Taranu, and H. Hartenstein, "What your friends tell others about you: Low cost linkability of social network profiles," in SNA-KDD, 2011.Google Scholar
- O. Goga, P. Loiseau, R. Sommer, R. Teixeira, and K. P. Gummadi, "On the reliability of profile matching across large online social networks," in KDD, 2015.Google Scholar
- T. Chen, M. A. Kaafar, A. Friedman, and R. Boreli, "Is more always merrier?: A deep dive into online social footprints," in WOSN, 2012.Google Scholar
- J. A. Biega, K. P. Gummadi, I. Mele, D. Milchevski, C. Tryfonopoulos, and G. Weikum, "R-susceptibility: An ir-centric approach to assessing privacy risks for users in online communities," in SIGIR, 2016.Google Scholar
- M. Backes, P. Berrang, O. Goga, K. Gummadi, and P. Manoharan, "On profile linkability despite anonymity in social media systems," in WPES, 2016.Google Scholar
- D. Jurgens, "That's what friends are for: Inferring location in online social media platforms based on social relationships." in ICWSM, 2013.Google Scholar
- P. Wang, J. Guo, Y. Lan, J. Xu, and X. Cheng, "Your cart tells you: Inferring demographic attributes from purchase data," in WSDM, 2016.Google Scholar
- J. Otterbacher, "Inferring gender of movie reviewers: Exploiting writing style, content and metadata," in CIKM, 2010.Google Scholar
- J. Hu, H.-J. Zeng, H. Li, C. Niu, and Z. Chen, "Demographic prediction based on user's browsing behavior," in WWW, 2007.Google Scholar
- N. Z. Gong and B. Liu, "You are who you know and how you behave: Attribute inference attacks via users' social friends and behaviors," in USENIX Security, 2016.Google Scholar
- Y. Dong, Y. Yang, J. Tang, Y. Yang, and N. V. Chawla, "Inferring user demographics and social strategies in mobile social networks," in KDD, 2014.Google Scholar
- Y. Zhong, N. J. Yuan, W. Zhong, F. Zhang, and X. Xie, "You are where you go: Inferring demographic attributes from location check-ins," in WSDM, 2015.Google Scholar
- A. Chaabane, G. Acs, M. A. Kaafar et al., "You are what you like! information leakage through users' interests," in NDSS, 2012.Google Scholar
- R. Li, S. Wang, H. Deng, R. Wang, and K. C.-C. Chang, "Towards social user profiling: unified and discriminative influence model for inferring home locations," in KDD, 2012.Google Scholar
- K. Ryoo and S. Moon, "Inferring twitter user locations with 10 km accuracy," in WWW, 2014.Google Scholar
- D. Rao, D. Yarowsky, A. Shreevats, and M. Gupta, "Classifying latent user attributes in twitter," in SMUC, 2010.Google Scholar
- Y. DONG, N. V. CHAWLA, J. TANG, and Y. YANG, "User modeling on demographic attributes in big mobile social networks."Google Scholar
- L. Sweeney, "k-anonymity: A model for protecting privacy," International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 2002. Google ScholarDigital Library
- A. Machanavajjhala, D. Kifer, J. Gehrke, and M. Venkitasubramaniam, "l-diversity: Privacy beyond k-anonymity," TKDD, 2007.Google Scholar
- N. Li, T. Li, and S. Venkatasubramanian, "t-closeness: Privacy beyond k-anonymity and l-diversity," in ICDE, 2007.Google Scholar
- A. Campan and T. M. Truta, "Privacy, security, and trust in kdd," in Data and Structural k-Anonymity in Social Networks, 2009.Google Scholar
- B. Zhou and J. Pei, "The k-anonymity and l-diversity approaches for privacy preservation in social networks against neighborhood attacks," KAIS, 2011.Google Scholar
- C. Dwork, "Differential privacy," in ICALP, 2006.Google Scholar
- C. Dwork and A. Roth, "The algorithmic foundations of differential privacy," Found. Trends Theor. Comput. Sci., 2014.Google Scholar
- M. A. Mishari and G. Tsudik, "Exploring linkability of user reviews," in ESORICS, 2012.Google Scholar
- D. Lambert, "Measures of disclosure risk and harm," Journal of Official Statistics, 1993.Google Scholar
- P. Bhattacharya, M. B. Zafar, N. Ganguly, S. Ghosh, and K. P. Gummadi, "Inferring user interests in the twitter social network," in RecSys. ACM.Google Scholar
- A. Mislove, S. Lehmann, Y.-Y. Ahn, J.-P. Onnela, and J. N. Rosenquist, "Understanding the demographics of twitter users." in ICWSM, 2011.Google Scholar
- http://goo.gl/G4ZLgA, accessed: 2017-06-22.Google Scholar
- W. W. Cohen, P. Ravikumar, and S. E. Fienberg, "A comparison of string distance metrics for name-matching tasks," in IIWeb, 2003.Google Scholar
- "Phash," http://www.phash.org.Google Scholar
- D. G. Lowe, "Distinctive image features from scale-invariant keypoints," IJCV, 2004.Google Scholar
- Identity vs. Attribute Disclosure Risks for Users with Multiple Social Profiles
Recommendations
Flexible adversary disclosure risk measure for identity and attribute disclosure attacks
AbstractIndividuals generate tremendous amount of personal data each day, with a wide variety of uses. This datum often contains sensitive information about individuals, which can be disclosed by “adversaries”. Even when direct identifiers such as social ...
Identity disclosure protection: A data reconstruction approach for privacy-preserving data mining
Identity disclosure is one of the most serious privacy concerns in today's information age. A well-known method for protecting identity disclosure is k-anonymity. A dataset provides k-anonymity protection if the information for each individual in the ...
On prevention of attribute disclosure and identity disclosure against insider attack in collaborative social network data publishing
In a collaborative social network data publishing setup, privacy preservation of individuals is a vital issue. Existing privacy-preserving techniques assume the existence of attackers from external data recipients and hence, are vulnerable to insider ...
Comments